Jump to content

Sarbanes–Oxley Act

From Wikipedia, the free encyclopedia

Sarbanes–Oxley Act of 2002
Great Seal of the United States
Long titleAn Act To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes.
NicknamesSarbanes–Oxley, Sarbox, SOX
Enacted bythe 107th United States Congress
Public lawPub. L.Tooltip Public Law (United States) 107–204 (text) (PDF)
Statutes at Large116 Stat. 745
Acts amendedSecurities Exchange Act of 1934, Securities Act of 1933, Employee Retirement Income Security Act of 1974, Investment Advisers Act of 1940, Title 18 of the United States Code, Title 28 of the United States Code
Titles amended15, 18, 28, 29
Legislative history
  • Introduced in the House as "Corporate and Auditing Accountability, Responsibility, and Transparency Act of 2002" (H.R. 3763) by Mike Oxley (R-OH) on February 14, 2002
  • Committee consideration by House Financial Services, Senate Banking
  • Passed the House on April 24, 2002 (334–90)
  • Passed the Senate as the "Public Company Accounting Reform and Investor Protection Act of 2002" on July 15, 2002 (voice vote, in lieu of S. 2673 passed 97–0)
  • Reported by the joint conference committee on July 24, 2002; agreed to by the House on July 25, 2002 (423–3) and by the Senate on July 25, 2002 (99–0)
  • Signed into law by President George W. Bush on July 30, 2002
United States Supreme Court cases
Sen. Paul Sarbanes (DMD) (left) and Rep. Michael G. Oxley (ROH-4) (right), the co-sponsors of the Sarbanes–Oxley Act

The Sarbanes–Oxley Act of 2002 is a United States federal law that mandates certain practices in financial record keeping and reporting for corporations. The act, Pub. L.Tooltip Public Law (United States) 107–204 (text) (PDF), 116 Stat. 745, enacted July 30, 2002, also known as the "Public Company Accounting Reform and Investor Protection Act" (in the Senate) and "Corporate and Auditing Accountability, Responsibility, and Transparency Act" (in the House) and more commonly called Sarbanes–Oxley, SOX or Sarbox, contains eleven sections that place requirements on all U.S. public company boards of directors and management and public accounting firms. A number of provisions of the Act also apply to privately held companies, such as the willful destruction of evidence to impede a federal investigation.

The law was enacted as a reaction to a number of major corporate and accounting scandals, including Enron and WorldCom. The sections of the bill cover responsibilities of a public corporation's board of directors, add criminal penalties for certain misconduct, and require the Securities and Exchange Commission to create regulations to define how public corporations are to comply with the law.[1]


In 2002, Sarbanes–Oxley was named after bill sponsors U.S. Senator Paul Sarbanes (D-MD) and U.S. Representative Michael G. Oxley (R-OH). To be "SOX compliant," top management must individually certify the accuracy of financial information. In addition, penalties for fraudulent financial activity are much more severe. The act increased the oversight role of boards of directors and the independence of the outside auditors who review the accuracy of corporate financial statements.[2]

The bill was enacted as a reaction to a number of major corporate and accounting scandals, including those affecting Enron, Tyco International, Adelphia, Peregrine Systems, and WorldCom. These scandals cost investors billions of dollars when the share prices of affected companies collapsed, and shook public confidence in the US securities markets.[3]

The act contains eleven titles, or sections, ranging from additional corporate board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the law. Harvey Pitt, the 26th chairman of the SEC, led the SEC in the adoption of dozens of rules to implement the Sarbanes–Oxley Act. It created a new, quasi-public agency, the Public Company Accounting Oversight Board, or PCAOB, charged with overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The act also covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure. The nonprofit arm of Financial Executives International, Financial Executives Research Foundation, completed extensive research studies to help support the foundations of the act.[4]

The act was approved in the House by a vote of 423 in favor, 3 opposed, and 8 abstaining and in the Senate with a vote of 99 in favor and 1 abstaining. President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt. The era of low standards and false profits is over; no boardroom in America is above or beyond the law."[5]

In response to the perception that stricter financial governance laws are needed, SOX-type regulations were subsequently enacted in Canada (2002), Germany (2002), South Africa (2002), France (2003), Australia (2004), India (2005), Japan (2006), Italy (2006), Israel, and Turkey.[6] (See Similar laws in other countries below.)

Debates continued as of 2007 over the perceived benefits and costs of SOX. Opponents of the bill have claimed it has reduced America's international competitive edge because it has introduced an overly complex regulatory environment into US financial markets. A study commissioned by then New York City Mayor Michael Bloomberg and New York Senator Chuck Schumer cited this as one reason America's financial sector is losing market share to other financial centers worldwide.[7] Proponents of the measure said that SOX has been a "godsend" for improving the confidence of fund managers and other investors with regard to the veracity of corporate financial statements.[8]

The 10th anniversary of SOX coincided with the passing of the Jumpstart Our Business Startups (JOBS) Act, designed to give emerging companies an economic boost, and cutting back on a number of regulatory requirements.[9]

Major elements[edit]

  1. Public Company Accounting Oversight Board
    Title I consists of nine sections and establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services ("auditors"). It also creates a small central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX.
  2. Auditor Independence
    Title II consists of nine sections and establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation, and auditor reporting requirements. It restricts auditing companies from providing non-audit services (e.g., consulting) for the same clients.
  3. Corporate Responsibility
    Title III consists of eight sections and mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the interaction of external auditors and corporate audit committees, and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviors of corporate officers and describes specific forfeitures of benefits and civil penalties for non-compliance. For example, Section 302 requires that the company's "principal officers" (typically the chief executive officer and chief financial officer) certify and approve the integrity of their company financial reports quarterly.[10]
  4. Enhanced Financial Disclosures
    Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off-balance-sheet transactions, pro-forma figures and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures, and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports.
  5. Analyst Conflicts of Interest
    Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest.
  6. Commission Resources and Authority
    Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SEC's authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, advisor, or dealer.
  7. Studies and Reports
    Title VII consists of five sections and requires the Comptroller General and the SEC to perform various studies and report their findings. Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations, and enforcement actions, and whether investment banks assisted Enron, Global Crossing, and others to manipulate earnings and obfuscate true financial conditions.
  8. Corporate and Criminal Fraud Accountability
    Title VIII consists of seven sections and is also referred to as the "Corporate and Criminal Fraud Accountability Act of 2002". It describes specific criminal penalties for manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers.
  9. White Collar Crime Penalty Enhancement
    Title IX consists of six sections. This section is also called the "White Collar Crime Penalty Enhancement Act of 2002". This section increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense.
  10. Corporate Tax Returns
    Title X consists of one section. Section 1001 states that the chief executive officer should sign the company tax return.
  11. Corporate Fraud Accountability
    Title XI consists of seven sections. Section 1101 recommends a name for this title as "Corporate Fraud Accountability Act of 2002". It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC to resort to temporarily freezing transactions or payments that have been deemed "large" or "unusual". It also created the crime of obstructing an official proceeding.
  12. Obstructing an official proceeding
    Obstructing an official proceeding is a felony under U.S. federal law. It was enacted as part of the Sarbanes–Oxley Act of 2002 as a reaction to the Enron scandal, and closed a legal loophole on who could be charged with evidence tampering by defining the new crime very broadly. It later became known for its use as a charge against defendants associated with the 2021 U.S. Capitol attack for attempting to obstruct that year's Electoral College vote count.

History and context[edit]

A variety of complex factors created the conditions and culture in which a series of large corporate frauds occurred between 2000 and 2002. The spectacular, highly publicized frauds at Enron, WorldCom, and Tyco exposed significant problems with conflicts of interest and incentive compensation practices. The analysis of their complex and contentious root causes contributed to the passage of SOX in 2002.[11] In a 2004 interview, Senator Paul Sarbanes stated:

The Senate Banking Committee undertook a series of hearings on the problems in the markets that had led to a loss of hundreds and hundreds of billions, indeed trillions of dollars in market value. The hearings set out to lay the foundation for legislation. We scheduled 10 hearings over a six-week period, during which we brought in some of the best people in the country to testify ... The hearings produced remarkable consensus on the nature of the problems: inadequate oversight of accountants, lack of auditor independence, weak corporate governance procedures, stock analysts' conflict of interests, inadequate disclosure provisions, and grossly inadequate funding of the Securities and Exchange Commission.[12]

  • Auditor conflicts of interest: Prior to SOX, auditing firms, the primary financial "watchdogs" for investors, were self-regulated. They also performed significant non-audit or consulting work for the companies they audited. Many of these consulting agreements were far more lucrative than the auditing engagement. This presented at least the appearance of a conflict of interest. For example, challenging the company's accounting approach might damage a client relationship, conceivably placing a significant consulting arrangement at risk, damaging the auditing firm's bottom line.
  • Boardroom failures: Boards of Directors, specifically Audit Committees, are charged with establishing oversight mechanisms for financial reporting in U.S. corporations on the behalf of investors. These scandals identified Board members who either did not exercise their responsibilities or did not have the expertise to understand the complexities of the businesses. In many cases, Audit Committee members were not truly independent of management.
  • Securities analysts' conflicts of interest: The roles of securities analysts, who make buy and sell recommendations on company stocks and bonds, and investment bankers, who help provide companies loans or handle mergers and acquisitions, provide opportunities for conflicts. Similar to the auditor conflict, issuing a buy or sell recommendation on a stock while providing lucrative investment banking services creates at least the appearance of a conflict of interest.
  • Inadequate funding of the SEC: The SEC budget has steadily increased to nearly double the pre-SOX level.[13] In the interview cited above, Sarbanes indicated that enforcement and rule-making are more effective post-SOX.
  • Banking practices: Lending to a firm sends signals to investors regarding the firm's risk. In the case of Enron, several major banks provided large loans to the company without understanding, or while ignoring, the risks of the company. Investors of these banks and their clients were hurt by such bad loans, resulting in large settlement payments by the banks. Others interpreted the willingness of banks to lend money to the company as an indication of its health and integrity, and were led to invest in Enron as a result. These investors were hurt as well.
  • Internet bubble: Investors had been stung in 2000 by the sharp declines in technology stocks and to a lesser extent, by declines in the overall market. Certain mutual fund managers were alleged to have advocated the purchasing of particular technology stocks, while quietly selling them. The losses sustained also helped create a general anger among investors.
  • Executive compensation: Stock option and bonus practices, combined with volatility in stock prices for even small earnings "misses," resulted in pressures to manage earnings.[14] Stock options were not treated as compensation expense by companies, encouraging this form of compensation. With a large stock-based bonus at risk, managers were pressured to meet their targets.

Timeline and passage[edit]

Before the signing ceremony of the Sarbanes–Oxley Act, President George W. Bush met with Senator Paul Sarbanes, Secretary of Labor Elaine Chao and other dignitaries in the Blue Room at the White House on July 30, 2002.

The House passed Rep. Oxley's bill (H.R. 3763) on April 24, 2002, by a vote of 334 to 90. The House then referred the "Corporate and Auditing Accountability, Responsibility, and Transparency Act" or "CAARTA" to the Senate Banking Committee with the support of President George W. Bush and the SEC. At the time, however, the Chairman of that Committee, Senator Paul Sarbanes (D-MD), was preparing his own proposal, Senate Bill 2673.

Senator Sarbanes's bill passed the Senate Banking Committee on June 18, 2002, by a vote of 17 to 4. On June 25, 2002, WorldCom revealed it had overstated its earnings by more than $3.8 billion during the past five quarters (15 months), primarily by improperly accounting for its operating costs. Senator Sarbanes introduced Senate Bill 2673 to the full Senate that same day, and it passed 97–0 less than three weeks later on July 15, 2002.

The House and the Senate formed a Conference Committee to reconcile the differences between Sen. Sarbanes's bill (S. 2673) and Rep. Oxley's bill (H.R. 3763). The conference committee relied heavily on S. 2673 and "most changes made by the conference committee strengthened the prescriptions of S. 2673 or added new prescriptions."[15]

The Committee approved the final conference bill on July 24, 2002, and gave it the name "the Sarbanes–Oxley Act of 2002". The next day, both houses of Congress voted on it without change, producing an overwhelming margin of victory: 423 to 3 in the House;[16] and 99 to 0 in the Senate.[17]

On July 30, 2002, President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt".[5]

Analyzing the cost-benefits of Sarbanes–Oxley[edit]

A significant body of academic research and opinion exists regarding the costs and benefits of SOX compliance, with significant differences in conclusions.[18] This is due in part to the difficulty of isolating the impact of SOX from other variables affecting the stock market and corporate earnings.[19][20] Section 404 of the act, which requires management and the external auditor to report on the adequacy of a company's internal control on financial reporting, is often singled out for analysis.

According to a 2019 study in the Journal of Law and Economics, "We find a large decline in the average voting premium of US dual-class firms targeted by major SOX provisions that enhance boards' independence, improve internal controls, and increase litigation risks. The targeted firms also improve the efficiency of investment, cash management, and chief executive officers' compensation relative to firms not targeted by SOX. Overall, the evidence suggests that SOX is effective in curbing the private benefits of control."[21]

Compliance costs[edit]

  • FEI Survey (Annual): Financial Executives International (FEI) provides an annual survey on SOX Section 404 costs. These costs have continued to decline relative to revenues since 2004. The 2007 study indicated that, for 168 companies with average revenues of $4.7 billion, the average compliance costs were $1.7 million (0.036% of revenue).[22] The 2006 study indicated that, for 200 companies with average revenues of $6.8 billion, the average compliance costs were $2.9 million (0.043% of revenue), down 23% from 2005. Cost for decentralized companies (i.e., those with multiple segments or divisions) were considerably more than centralized companies. Survey scores related to the positive effect of SOX on investor confidence, reliability of financial statements, and fraud prevention continue to rise. However, when asked in 2006 whether the benefits of compliance with Section 404 have exceeded costs in 2006, only 22 percent agreed.[23]
  • Foley & Lardner Survey (2007): This annual study focused on changes in the total costs of being a U.S. public company, which were significantly affected by SOX. Such costs include external auditor fees, directors and officers (D&O) insurance, board compensation, lost productivity, and legal costs. Each of these cost categories increased significantly between FY2001 and FY2006. Nearly 70% of survey respondents indicated public companies with revenues under $251 million should be exempt from SOX Section 404.[24]
  • Butler/Ribstein (2006): Their book proposed a comprehensive overhaul or repeal of SOX and a variety of other reforms. For example, they indicate that investors could diversify their stock investments, efficiently managing the risk of a few catastrophic corporate failures, whether due to fraud or competition. However, if each company is required to spend a significant amount of money and resources on SOX compliance, this cost is borne across all publicly traded companies and therefore cannot be diversified away by the investor.[25]
  • A 2011 SEC study found that Section 404(b) compliance costs have continued to decline, especially after 2007 accounting guidance.[26]
  • Lord & Benoit report (2008): A research report entitled "The Lord & Benoit Report: The Sarbanes–Oxley Investment"[27] found the average cost of complying with Section 404(a) for non-accelerated filers (smaller public companies) was $53,724. Total costs of complying with Section 404(a) ranged from as low as $15,000 for a smaller software company to as high as $162,000. The initial prediction by the SEC was an average cost of $91,000 for public companies complying with Section 404(a). "Accounting problems have traditionally been a small company phenomenon, and the stock exchange is talking about exempting those most prone to abuse," said Barbara Roper, the Consumer Federation of America's director of investor protection. "It's a bad idea." She noted a January study by consulting firm Lord & Benoit that found complying with Sarbanes–Oxley would cost small companies an average of $78,000 the first year, or less than the $91,000 initially predicted by the SEC.[28]

Benefits to firms and investors[edit]

  • Arping/Sautner (2010): This research paper analyzes whether SOX enhanced corporate transparency.[29] Looking at foreign firms that are cross-listed in the US, the paper indicates that, relative to a control sample of comparable firms that are not subject to SOX, cross-listed firms became significantly more transparent following SOX. Corporate transparency is measured based on the dispersion and accuracy of analyst earnings forecasts.
  • Iliev (2007): This research paper indicated that SOX 404 indeed led to conservative reported earnings but also reduced—rightly or wrongly—stock valuations of small firms.[30] Lower earnings often cause the share price to decrease.
  • Rice and Weber (2011) shows that only a minority of SOX 404 reports provide any advance warning of the possibility of impending accounting problems. Reporting incentives of the firms, like the need for raising additional external capital, larger firm size and decreased external auditor objectivity, might prohibit firms reporting the weakness of internal control in advance. Therefore, SOX 404 alone might not achieve its intended results.[31]
  • Skaife/Collins/Kinney/LaFond (2006): This research paper indicates that borrowing costs are much lower for companies that improved their internal control, by between 50 and 150 basis points (.5 to 1.5 percentage points).[32]
  • Lord & Benoit Report (2006): Do the Benefits of 404 Exceed the Cost? A study of a population of nearly 2,500 companies indicated that those with no material weaknesses in their internal controls, or companies that corrected them in a timely manner, experienced much greater increases in share prices than companies that did not.[citation needed] The report indicated that the benefits to a compliant company in share price (10% above Russell 3000 index) were greater than their SOX Section 404 costs.
  • Institute of Internal Auditors (2005): The research paper indicates that corporations have improved their internal controls and that financial statements are perceived to be more reliable.[33]
  • Donelson, Ege and McInnis (2017): This research paper indicates that firms with reported material weaknesses have significantly higher fraud.[34][35]

Effects on exchange listing choice of non-US companies[edit]

Some have asserted that Sarbanes–Oxley legislation has helped displace business from New York to London, where the Financial Conduct Authority regulates the financial sector with a lighter touch. In the UK, the non-statutory Combined Code of Corporate Governance plays a somewhat similar role to SOX. See Howell E. Jackson & Mark J. Roe, "Public Enforcement of Securities Laws: Preliminary Evidence" (Working Paper January 16, 2007). London based Alternative Investment Market claims that its spectacular growth in listings almost entirely coincided with the Sarbanes–Oxley legislation. In December 2006, Michael Bloomberg, New York's mayor, and Chuck Schumer, U.S. senator from New York, expressed their concern.[36]

The Sarbanes–Oxley Act's effect on non-U.S. companies cross-listed in the U.S. is different on firms from developed and well regulated countries than on firms from less developed countries according to Kate Litvak.[37] Companies from badly regulated countries see benefits that are higher than the costs from better credit ratings by complying to regulations in a highly regulated country (USA), but companies from developed countries only incur the costs, since transparency is adequate in their home countries as well. On the other hand, the benefit of better credit rating also comes with listing on other stock exchanges such as the London Stock Exchange.

Piotroski and Srinivasan (2008) examine a comprehensive sample of international companies that list onto U.S. and U.K. stock exchanges before and after the enactment of the Act in 2002. Using a sample of all listing events onto U.S. and U.K. exchanges from 1995 to 2006, they find that the listing preferences of large foreign firms choosing between U.S. exchanges and the LSE's Main Market did not change following SOX. In contrast, they find that the likelihood of a U.S. listing among small foreign firms choosing between the Nasdaq and LSE's Alternative Investment Market decreased following SOX. The negative effect among small firms is consistent with these companies being less able to absorb the incremental costs associated with SOX compliance. The screening of smaller firms with weaker governance attributes from U.S. exchanges is consistent with the heightened governance costs imposed by the Act increasing the bonding-related benefits of a U.S. listing.[38]

Implementation of key provisions[edit]

Sarbanes–Oxley Section 302: Disclosure controls[edit]

Under Sarbanes–Oxley, two separate sections came into effect—one civil and the other criminal. 15 U.S.C. § 7241 (Section 302) (civil provision); 18 U.S.C. § 1350 (Section 906) (criminal provision).

Section 302 of the Act mandates a set of internal procedures designed to ensure accurate financial disclosure. The signing officers must certify that they are "responsible for establishing and maintaining internal controls" and "have designed such internal controls to ensure that material information relating to the company and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared". 15 U.S.C. § 7241(a)(4). The officers must "have evaluated the effectiveness of the company's internal controls as of a date within 90 days prior to the report" and "have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date". Id..

The SEC interpreted the intention of Sec. 302 in Final Rule 33–8124. In it, the SEC defines the new term "disclosure controls and procedures," which are distinct from "internal controls over financial reporting".[39] Under both Section 302 and Section 404, Congress directed the SEC to promulgate regulations enforcing these provisions.[40]

External auditors are required to issue an opinion on whether effective internal control over financial reporting was maintained in all material respects by management. This is in addition to the financial statement opinion regarding the accuracy of the financial statements. The requirement to issue a third opinion regarding management's assessment was removed in 2007.

A Lord & Benoit report, titled Bridging the Sarbanes–Oxley Disclosure Control Gap, was filed with the SEC Subcommittee on internal controls which reported that those companies with ineffective internal controls, the expected rate of full and accurate disclosure under Section 302 will range between 8 and 15 percent. A full 9 out of every 10 companies with ineffective Section 404 controls self reported effective Section 302 controls in the same period end that an adverse Section 404 was reported, 90% in accurate without a Section 404 audit.

Sarbanes–Oxley Section 303: Improper influence on the conduct of audits[edit]

a. Rules To Prohibit. It shall be unlawful, in contravention of such rules or regulations as the Commission shall prescribe as necessary and appropriate in the public interest or for the protection of investors, for any officer or director of an issuer, or any other person acting under the direction thereof, to take any action to fraudulently influence, coerce, manipulate, or mislead any independent public or certified accountant engaged in the performance of an audit of the financial statements of that issuer for the purpose of rendering such financial statements materially misleading.

b. Enforcement. In any civil proceeding, the Commission shall have exclusive authority to enforce this section and any rule or regulation issued under this section.

c. No Preemption of Other Law. The provisions of subsection (a) shall be in addition to, and shall not supersede or preempt, any other provision of law or any rule or regulation issued thereunder.

d. Deadline for Rulemaking. The Commission shall—1. propose the rules or regulations required by this section, not later than 90 days after the date of enactment of this Act; and 2. issue final rules or regulations required by this section, not later than 270 days after that date of enactment.[41]

Sarbanes–Oxley Section 401: Disclosures in periodic reports (Off-balance sheet items)[edit]

The bankruptcy of Enron drew attention to off-balance sheet instruments that were used fraudulently. During 2010, the court examiner's review of the Lehman Brothers bankruptcy also brought these instruments back into focus, as Lehman had used an instrument called "Repo 105" to allegedly move assets and debt off-balance sheet to make its financial position look more favorable to investors. Sarbanes–Oxley required the disclosure of all material off-balance sheet items. It also required an SEC study and report to better understand the extent of usage of such instruments and whether accounting principles adequately addressed these instruments; the SEC report was issued June 15, 2005.[42][43] Interim guidance was issued in May 2006, which was later finalized.[44] Critics argued the SEC did not take adequate steps to regulate and monitor this activity.[45]

Sarbanes–Oxley Section 404: Assessment of internal control[edit]

The most contentious aspect of SOX is Section 404, which requires management and the external auditor to report on the adequacy of the company's internal control on financial reporting (ICFR). This is the most costly aspect of the legislation for companies to implement, as documenting and testing important financial manual and automated controls requires enormous effort.[46]

Under Section 404 of the Act, management is required to produce an "internal control report" as part of each annual Exchange Act report. See 15 U.S.C. § 7262. The report must affirm "the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting". 15 U.S.C. § 7262(a). The report must also "contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting". To do this, managers are generally adopting an internal control framework such as that described in COSO.

To help alleviate the high costs of compliance, guidance and practice have continued to evolve. The Public Company Accounting Oversight Board (PCAOB) approved Auditing Standard No. 5 for public accounting firms on July 25, 2007.[47] This standard superseded Auditing Standard No. 2, the initial guidance provided in 2004. The SEC also released its interpretive guidance[48] on June 27, 2007. It is generally consistent with the PCAOB's guidance, but intended to provide guidance for management. Both management and the external auditor are responsible for performing their assessment in the context of a top-down risk assessment, which requires management to base both the scope of its assessment and evidence gathered on risk. This gives management wider discretion in its assessment approach. These two standards together require management to:

  • Assess both the design and operating effectiveness of selected internal controls related to significant accounts and relevant assertions, in the context of material misstatement risks;
  • Understand the flow of transactions, including IT aspects, in sufficient detail to identify points at which a misstatement could arise;
  • Evaluate company-level (entity-level) controls, which correspond to the components of the COSO framework;
  • Perform a fraud risk assessment;
  • Evaluate controls designed to prevent or detect fraud, including management override of controls;
  • Evaluate controls over the period-end financial reporting process;
  • Scale the assessment based on the size and complexity of the company;
  • Rely on management's work based on factors such as competency, objectivity, and risk;
  • Conclude on the adequacy of internal control over financial reporting.

SOX 404 compliance costs represent a tax on inefficiency, encouraging companies to centralize and automate their financial reporting systems. This is apparent in the comparative costs of companies with decentralized operations and systems, versus those with centralized, more efficient systems. For example, the 2007 Financial Executives International (FEI) survey indicated average compliance costs for decentralized companies were $1.9 million, while centralized company costs were $1.3 million.[49] Costs of evaluating manual control procedures are dramatically reduced through automation.

Corporate Implementation of Sarbanes Oxley (SOX) Compliance[edit]

The Committee of Sponsoring Organizations (COSO) Report, as the framework became known, was the first-ever attempt in corporate America to establish a universal definition of Internal Controls, along with proposed guidelines for governance, independence and quality assurance. The initial implementation of a SOX compliance project is complex and burdensome on public companies planning to list or maintaining its listing. Full compliance requires an integrated enterprise-wide initiative. The success of the compliance project requires a triangulation of the resources of three executives, the CEO, CFO, and CIO and is usually facilitated by the project management office (PMO). The success of the compliance project depends on the proper “mapping” of information systems controls CoBIT (Control Objectives of Information and Its related Technology) to existing and new financial and operational controls as defined by the COSO Report. [50]

Sarbanes–Oxley 404 and smaller public companies[edit]

The cost of complying with SOX 404 impacts smaller companies disproportionately, as there is a significant fixed cost involved in completing the assessment. For example, during 2004 U.S. companies with revenues exceeding $5 billion spent 0.06% of revenue on SOX compliance, while companies with less than $100 million in revenue spent 2.55%.[51]

This disparity is a focal point of 2007 SEC and U.S. Senate action.[52] The PCAOB intends to issue further guidance to help companies scale their assessment based on company size and complexity during 2007. The SEC issued their guidance to management in June, 2007.[48]

After the SEC and PCAOB issued their guidance, the SEC required smaller public companies (non-accelerated filers) with fiscal years ending after December 15, 2007 to document a Management Assessment of their Internal Controls over Financial Reporting (ICFR). Outside auditors of non-accelerated filers however opine or test internal controls under PCAOB (Public Company Accounting Oversight Board) Auditing Standards for years ending after December 15, 2008. Another extension was granted by the SEC for the outside auditor assessment until years ending after December 15, 2009. The reason for the timing disparity was to address the House Committee on Small Business concern that the cost of complying with Section 404 of the Sarbanes–Oxley Act of 2002 was still unknown and could therefore be disproportionately high for smaller publicly held companies.[53] On October 2, 2009, the SEC granted another extension for the outside auditor assessment until fiscal years ending after June 15, 2010. The SEC stated in their release that the extension was granted so that the SEC's Office of Economic Analysis could complete a study of whether additional guidance provided to company managers and auditors in 2007 was effective in reducing the costs of compliance. They also stated that there will be no further extensions in the future.[54]

On September 15, 2010 the SEC issued final rule 33–9142 the permanently exempts registrants that are neither accelerated nor large accelerated filers as defined by Rule 12b-2 of the Securities and Exchange Act of 1934 from Section 404(b) internal control audit requirement.[55]

Sarbanes–Oxley Section 802: Criminal penalties for influencing US Agency investigation/proper administration[edit]

Section 802(a) of the SOX, 18 U.S.C. § 1519 states:

Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.

Sarbanes–Oxley Section 806: Civil action to protect against retaliation in fraud cases[edit]

Section 806 of the Sarbanes–Oxley Act, also known as the whistleblower-protection provision, prohibits any "officer, employee, contractor, subcontractor, or agent" of a publicly traded company from retaliating against "an employee" for disclosing reasonably perceived potential or actual violations of the six enumerated categories of protected conduct in Section 806 (securities fraud, shareholder fraud, bank fraud, a violation of any SEC rule or regulation, mail fraud, or wire fraud).[56] Section 806 prohibits a broad range of retaliatory adverse employment actions, including discharging, demoting, suspending, threatening, harassing, or in any other manner discriminating against a whistleblower.[56] Recently a federal court of appeals held that merely "outing" or disclosing the identity of a whistleblower is actionable retaliation.

Remedies under Section 806 include:

(A) reinstatement with the same seniority status that the employee would have had, but for the discrimination;

(B) the amount of back pay, with interest; and

(C) compensation for any special damages sustained as a result of the discrimination, including litigation costs, expert witness fees, and reasonable attorney fees.[56]

Filing procedure[edit]

A claim under the anti-retaliation provision of the Sarbanes–Oxley Act must be filed initially at the Occupational Safety and Health Administration at the U.S. Department of Labor. OSHA will perform an investigation and if they conclude that the employer violated SOX, OSHA can order preliminary reinstatement.[57] OSHA is required to dismiss the complaint if the complaint fails to make a prima facie showing that the protected activity was a "contributing factor" in the adverse employment action.[58]

Significant §806 whistleblower decisions[edit]

In the sixteen-year period from the passage of the Sarbanes Oxley Act in 2002 through December 31, 2018, a total of 1039 cases have been filed with the Department of Labor of which 62 were still pending before the Department of Labor as of January 1, 2019.[59]

Case Court Date of Decision Holding
Gilmore v. Parametric Technology Company ALJ Feb 6, 2003 First case decided under SOX. Employee protection provisions of Section 806 were not to be applied retroactively to conduct which occurred before the Sarbanes–Oxley Act of 2002 became law.[60]
Digital Realty Trust v. Somers US Supreme Court Feb 21, 2018 Whistleblowers who report internally without first reporting to the SEC must rely on §806 protection and are not covered by Dodd Frank anti-retaliation provisions.[61]
Sylvester v. Parexel Int'l LLC ARB May 25, 2011 Whistleblower need not wait until illegal conduct occurs to make a complaint, so long as the employee reasonably believes that the violation is likely to happen.[62]
Palmer v. Illinois Central Railroad Company ARB Sep 30, 2016 Respondents can use all relevant admissible evidence to rebut Complainant's evidence that "it is more likely than not that the employee's protected activity was a contributing factor in the employer's adverse action.[63]
Turin v. Amtrust Financial Services ARB Mar 29, 2013 Parties may privately agree to extend the deadline to file a whistleblower complaint.[64]
Zinn v. American Commercial Airlines ARB Dec 17, 2013 Company did not violate Section 806 where the Company demonstrated by clear and convincing evidence that its decision to terminate was based on the employee's insubordination.[62]
Lawson v. FMR US Supreme Court Mar 14, 2014 The anti-retaliation protection provided to whistleblowers by SOX applies to employees of private companies that contract with public companies.[65]
Perez v. Progenics Pharmaceuticals, Inc. SDNY Sep 9, 2016 $5 million jury verdict to a former senior manager at Progenics Pharmaceuticals, Inc. who was terminated in retaliation for his disclosure to executives that the company was committing fraud against shareholders by making inaccurate representations about the results of a clinical trial. The award included $2.7 million in Front Pay from age at decision date (58) through retirement.[66]
Murray v. UBS Securities, LLC SDNY Dec 19, 2017 $903,300 jury verdict for emotional distress and back pay to a former UBS research analyst who was fired in 2012 after complaining to his supervisor that he was pressured to falsely report better market conditions in order to boost UBS' revenue numbers.[67]

Sarbanes–Oxley Section 906: Criminal Penalties for CEO/CFO financial statement certification[edit]

§ 1350. Section 906 states: Failure of corporate officers to certify financial reports

(a) Certification of Periodic Financial Reports.— Each periodic report containing financial statements filed by an issuer with the Securities Exchange Commission pursuant to section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m (a) or 78o (d)) shall be accompanied by a written statement by the chief executive officer and chief financial officer (or equivalent thereof) of the issuer.

(b) Content.— The statement required under subsection (a) shall certify that the periodic report containing the financial statements fully complies with the requirements of section 13(a) or 15(d) of the Securities Exchange Act of [1] 1934 (15 U.S.C. 78m or 78o (d)) and that information contained in the periodic report fairly presents, in all material respects, the financial condition and results of operations of the issuer.

(c) Criminal Penalties.— Whoever— (1) certifies any statement as set forth in subsections (a) and (b) of this section knowing that the periodic report accompanying the statement does not comport with all the requirements set forth in this section shall be fined not more than $1,000,000 or imprisoned not more than 10 years, or both; or

(2) willfully certifies any statement as set forth in subsections (a) and (b) of this section knowing that the periodic report accompanying the statement does not comport with all the requirements set forth in this section shall be fined not more than $5,000,000, or imprisoned not more than 20 years, or both.[68]

Sarbanes–Oxley Section 1107: Criminal penalties for retaliation against whistleblowers[edit]

Section 1107 of the SOX 18 U.S.C. § 1513(e) states:[69]

Whoever knowingly, with the intent to retaliate, takes any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any federal offense, shall be fined under this title, imprisoned not more than 10 years, or both.

Clawbacks of executive compensation for misconduct[edit]

One of the highlights of the law was a provision that allowed the SEC to force a company's CEO or CFO to disgorge any executive compensation (such as bonus pay or proceeds from stock sales) earned within a year of misconduct that results in an earnings restatement. However, according to Gretchen Morgenson of The New York Times, such clawbacks have actually been rare, due in part to the requirement that the misconduct must be either deliberate or reckless. The SEC did not attempt to claw back any executive compensation until 2007, and as of December 2013 had only brought 31 cases, 13 of which were begun after 2010. However, according to Dan Whalen of the accounting research firm Audit Analytics, the threat of clawbacks, and the time-consuming litigation associated with them, has forced companies to tighten their financial reporting standards.[70]


Congressman Ron Paul and others such as former Arkansas governor Mike Huckabee have contended that SOX was an unnecessary and costly government intrusion into corporate management that places U.S. corporations at a competitive disadvantage with foreign firms, driving businesses out of the United States. In an April 14, 2005 speech before the U.S. House of Representatives, Paul stated[71]

These regulations are damaging American capital markets by providing an incentive for small US firms and foreign firms to deregister from US stock exchanges. According to a study by a researcher at the Wharton Business School, the number of American companies deregistering from public stock exchanges nearly tripled during the year after Sarbanes–Oxley became law, while the New York Stock Exchange had only 10 new foreign listings in all of 2004. The reluctance of small businesses and foreign firms to register on American stock exchanges is easily understood when one considers the costs Sarbanes–Oxley imposes on businesses. According to a survey by Korn/Ferry International, Sarbanes–Oxley cost Fortune 500 companies an average of $5.1 million in compliance expenses in 2004, while a study by the law firm of Foley and Lardner found the Act increased costs associated with being a publicly held company by 130 percent.

A research study published by Joseph Piotroski of Stanford University and Suraj Srinivasan of Harvard Business School titled "Regulation and Bonding: Sarbanes Oxley Act and the Flow of International Listings" in the Journal of Accounting Research in 2008 found that following the act's passage, smaller international companies were more likely to list in stock exchanges in the U.K. rather than U.S. stock exchanges.[72]

During the financial crisis of 2007–2010, critics blamed Sarbanes–Oxley for the low number of Initial Public Offerings (IPOs) on American stock exchanges during 2008. In November 2008, Newt Gingrich and co-author David W. Kralik called on Congress to repeal Sarbanes–Oxley.[73]

A 2012 Wall Street Journal editorial stated,

One reason the U.S. economy isn't creating enough jobs is that it's not creating enough employers ... For the third year in a row the world's leading exchange for new stock offerings was located not in New York, but in Hong Kong ... Given that the U.S. is still home to the world's largest economy, there's no reason it shouldn't have the most vibrant equity markets—unless regulation is holding back the creation of new public companies. On that score it's getting harder for backers of the Sarbanes–Oxley accounting law to explain away each disappointing year since its 2002 enactment as some kind of temporary or unrelated setback.[74]


Former Federal Reserve Chairman Alan Greenspan praised the Sarbanes–Oxley Act in 2005: "I am surprised that the Sarbanes–Oxley Act, so rapidly developed and enacted, has functioned as well as it has ... the act importantly reinforced the principle that shareholders own our corporations and that corporate managers should be working on behalf of shareholders to allocate business resources to their optimum use."[75]

SOX has been praised by a cross-section of financial industry experts, citing improved investor confidence and more accurate, reliable financial statements. The CEO and CFO are now required to unequivocally take ownership for their financial statements under Section 302, which was not the case prior to SOX. Further, auditor conflicts of interest have been addressed, by prohibiting auditors from also having lucrative consulting agreements with the firms they audit under Section 201. SEC Chairman Christopher Cox stated in 2007: "Sarbanes–Oxley helped restore trust in U.S. markets by increasing accountability, speeding up reporting, and making audits more independent."[76]

The 2007 FEI study and research by the Institute of Internal Auditors (IIA) also indicate SOX has improved investor confidence in financial reporting, a primary objective of the legislation. The IIA study also indicated improvements in board, audit committee, and senior management engagement in financial reporting and improvements in financial controls.[77][78]

Financial restatements increased significantly in the wake of the SOX legislation, as companies "cleaned up" their books. Glass, Lewis & Co. LLC is a San Francisco-based firm that tracks the volume of do-overs by public companies. Its March 2006 report, "Getting It Wrong the First Time," shows 1,295 restatements of financial earnings in 2005 for companies listed on U.S. securities markets, almost twice the number for 2004. "That's about one restatement for every 12 public companies—up from one for every 23 in 2004," says the report.[79]

A fraud documented by the Securities and Exchange Commission (SEC) in November 2009, validated whistleblower allegations first logged in 2005.[80] may be directly credited to Sarbanes–Oxley. The fraud, which spanned nearly 20 years and involved over $24 million, was committed by Value Line (NasdaqVALU) against its mutual fund shareholders. The fraud was first reported to the SEC in 2004 by the then Value Line Fund (NasdaqVLIFX) portfolio manager and Chief Quantitative Strategist, Mr. John (Jack) R. Dempsey of Easton, Connecticut, who was required to sign a Code of Business Ethics as part of SOX.[81][82][83] Restitution totaling $34 million was placed in a fair fund and returned to the affected Value Line mutual fund investors.[84] The Commission ordered Value Line to pay a total of $43,705,765 in disgorgement, prejudgment interest and civil penalty, and ordered Buttner, CEO and Henigson, COO to pay civil penalties of $1,000,000 and $250,000, respectively. The Commission further imposed officer and director bars and broker-dealer, investment adviser, and investment company associational bars ("Associational Bars") against Buttner and Henigson. No criminal charges were filed.

The Sarbanes–Oxley Act has been praised for nurturing an ethical culture as it forces top management to be transparent and employees to be responsible for their acts whilst protecting whistleblowers.[85] Indeed, courts have held that top management may be in violation of its obligation to assess and disclose material weaknesses in its internal control over financial reporting when it ignores an employee's concerns that could impact the company's SEC filings.

Legal challenges[edit]

A lawsuit (Free Enterprise Fund v. Public Company Accounting Oversight Board) was filed in 2006 challenging the constitutionality of the PCAOB. The complaint argues that because the PCAOB has regulatory powers over the accounting industry, its officers should be appointed by the President, rather than the SEC.[86] Further, because the law lacks a "severability clause," if part of the law is judged unconstitutional, so is the remainder. If the plaintiff prevails, the U.S. Congress may have to devise a different method of officer appointment. Further, the other parts of the law may be open to revision.[87][88] The lawsuit was dismissed from a District Court; the decision was upheld by the Court of Appeals on August 22, 2008.[89] Judge Kavanaugh, in his dissent, argued strongly against the constitutionality of the law.[90] On May 18, 2009, the United States Supreme Court agreed to hear this case.[91] On December 7, 2009, it heard the oral arguments.[92] On June 28, 2010, the United States Supreme Court unanimously turned away a broad challenge to the law, but ruled 5–4 that a section related to appointments violates the Constitution's separation of powers mandate. The act remains "fully operative as a law" pending a process correction.[93]

In its March 4, 2014 Lawson v. FMR LLC decision the United States Supreme Court rejected a narrow reading of the SOX whistleblower protection and instead held that the anti-retaliation protection that the Sarbanes–Oxley Act of 2002 provided to whistleblowers applies also to employees of a public company's private contractors and subcontractors, including the attorneys and accountants who prepare the SEC filings of public companies.[94] Subsequent interpretations of Lawson, however, suggest that the disclosures of a contractor's employee are protected only if those disclosures pertain to fraud perpetrated by a publicly traded company, as opposed to wrongdoing by a private contractor.

In its February 25, 2015 Yates v. United States decision the Supreme Court of the United States sided with Yates by reversing the previous judgement, with a plurality of the justices reading the Act to cover "only objects one can use to record or preserve information, not all objects in the physical world". Justice Samuel Alito concurred in the judgment and noted that the statute's nouns and verbs only applies to filekeeping and not fish.[95]

Sarbanes–Oxley reporting tools[edit]

Close scrutiny of corporate governance and greater responsibility placed on directors to vouch for the reports submitted to the SEC and other federal agencies, have resulted in the growth of software solutions aimed at reducing the complexity, time and expense involved in creating the reports.[96] This trend accelerated in 2008 with the passage of the Dodd–Frank Wall Street Reform and Consumer Protection Act.

2021 U.S. Capitol attack charges[edit]

Some twenty years after its implementation, a provision of the Sarbanes–Oxley Act, 18 U.S. Code § 1512, was introduced in the prosecution of many of the rioters of the January 6, 2021 U.S. Capitol attack. Some 40% were charged with corruptly impeding an official proceeding.[97][98][99]

Legislative information[edit]

Similar laws in other countries[edit]

See also[edit]


  1. ^ "SEC.gov | The Laws That Govern the Securities Industry". www.sec.gov. Retrieved May 23, 2020.
  2. ^ Kimmel, Paul D.; Weygandt, Jerry J.; Kieso, Donald E. (2011). Financial Accounting, 6th Edition. Wiley. ISBN 978-0-470-53477-9.
  3. ^ Behl, Ramesh; O'Brien, James A.; Marakas, George M. (January 10, 2019). Management Information Systems. McGraw-Hill Education. ISBN 978-93-5316-466-9.
  4. ^ "SEC Auditor - Salberg & Company, P.A. Sarbanes". www.secauditor.com. Retrieved March 16, 2020.
  5. ^ a b Bumiller, Elisabeth (July 31, 2002). "Bush Signs Bill Aimed at Fraud in Corporations". The New York Times.
  6. ^ Colon, Dina (2005) "The Foreign Bank Exemption to the Sarbanes-Oxley Prohibition on Loans to Directors and Officers, "Journal of International Business and Law: Vol. 4: Iss. 1, Article 7
  7. ^ Mckinsey & Company (2007). "NY REPORT" (PDF). Schumer Senate website. Archived from the original (PDF) on January 12, 2009.
  8. ^ "Not Everyone Hates SarbOx". BusinessWeek.com. Bloomberg L.P. January 28, 2007. Archived from the original on April 28, 2007. Retrieved March 13, 2014.
  9. ^ Feldman, David. "Summary of JOBS Bill and Update". Archived from the original on March 24, 2012. Retrieved August 27, 2021.
  10. ^ Kuschnik, Bernhard; The Sarbanes Oxley Act: "Big Brother is watching" you or Adequate Measures of Corporate Governance Regulation? 5 Rutgers Business Law Journal [2008], 64–95; available at http://businesslaw.newark.rutgers.edu/RBLJ_vol5_no1_kuschnik.pdf
  11. ^ Farrell, Greg. "America Robbed Blind." Wizard Academy Press: 2005
  12. ^ Lucas, Nance (2004). "Sarbanes Interview". Findarticles.com. Archived from the original on September 22, 2008. Retrieved August 27, 2010.
  13. ^ "SEC Annual Budget". Sec.gov. June 23, 2009. Retrieved August 27, 2010.
  14. ^ "SEC Levitt Speech The Numbers Game". Retrieved August 27, 2010.
  15. ^ Bostelman, John T. (date unknown). The Sarbanes–Oxley Deskbook § 2–31.
  16. ^ "Data". clerk.house.gov. 2002. Retrieved November 27, 2019.
  17. ^ "U.S. Senate: U.S. Senate Roll Call Votes 107th Congress – 2nd Session". senate.gov.
  18. ^ Wood, David A. (December 2012). "Internal Audit Outsourcing and the Risk of Misleading or Fraudulent Financial Reporting: Did Sarbanes-Oxley Get It Wrong?". Contemporary Accounting Research. 29 (4): 1109–1136. doi:10.1111/j.1911-3846.2012.01141.x.
  19. ^ "Five years of Sarbanes–Oxley". The Economist. July 26, 2007.
  20. ^ Shakespeare, Catharine (2008). "Sarbanes–Oxley Act of 2002 Five Years On: What Have We Learned?". Journal of Business & Technology Law: 333.
  21. ^ Gao, Feng; Zhang, Ivy Xiying (February 1, 2019). "The Impact of the Sarbanes-Oxley Act on the Dual-Class Voting Premium". The Journal of Law and Economics. 62 (1): 181–214. doi:10.1086/701806. ISSN 0022-2186. S2CID 199289490.
  22. ^ "FEI 2007 Survey of SOX 404 Costs". Fei.mediaroom.com. April 30, 2008. Archived from the original on July 14, 2011. Retrieved August 27, 2010.
  23. ^ "FEI Press Room – News Releases". October 11, 2007. Archived from the original on October 11, 2007.
  24. ^ "Foley & Lardner 2007 Study". Foley.com. February 8, 2007. Retrieved August 27, 2010.
  25. ^ Butler, Henry N. (June 5, 2006). "The Sarbanes–Oxley Debacle". Aei.org. Archived from the original on August 22, 2010. Retrieved August 27, 2010.
  26. ^ "Study and Recommendations on Section 404(b)" (PDF). Securities and Exchange Commission. April 2011.
  27. ^ Bob Benoit (January 11, 2008). "The Lord & Benoit Report: The Sarbanes-Oxley Investment: A Section 404 Cost Study for Smaller Public Companies" (PDF). Lord & Benoit, LLC.
  28. ^ Neil Roland (June 23, 2008). "Low odds for NYSE effort to ease SarbOx: Big Board wants law relaxed for small, mid-size players". FinancialWeek.
  29. ^ "The Effect of Corporate Governance Regulation on Transparency: Evidence from the Sarbanes-Oxley Act of 2002". August 2012. SSRN 1561619.
  30. ^ "The Effect of the Sarbanes–Oxley Act (Section 404) Management's Report on Audit Fees, Accruals and Stock Returns". August 26, 2009. SSRN 983772.
  31. ^ RICE, SARAH C.; WEBER, DAVID P. (January 3, 2012). "How Effective Is Internal Control Reporting under SOX 404? Determinants of the (Non-)Disclosure of Existing Material Weaknesses". Journal of Accounting Research. 50 (3): 811–843. doi:10.1111/j.1475-679x.2011.00434.x. S2CID 154283750.
  32. ^ Ashbaugh-Skaife, Hollis; Collins, Daniel W.; Kinney, William R. Jr.; LaFond, Ryan (November 7, 2008). "The Effect of SOX Internal Control Deficiencies on Firm Risk and Cost of Equity". SSRN 896760.
  33. ^ "IIA Research SOX Looking at the Benefits". Theiia.org. Archived from the original on April 30, 2011. Retrieved August 27, 2010.
  34. ^ McCann, David (September 5, 2017). "Study Hits Critics of SOX Internal Controls Provision".
  35. ^ "Internal Control Weaknesses and Financial Reporting Fraud" (PDF). aaahq.org.
  36. ^ "Sustaining New York's and the US' Global Financial Services Leadership" (PDF). Senate.gov. Archived from the original (PDF) on February 2, 2007.
  37. ^ "The Effect of the Sarbanes–Oxley Act on Non-U.S. Companies Cross-Listed in the U.S. by Kate Litvak". January 20, 2006. SSRN 876624.
  38. ^ Piotroski, Joseph D.; Srinivasan, Suraj (January 2008). "Regulation and Bonding: The Sarbanes–Oxley Act and the Flow of International Listings". SSRN 956987.
  39. ^ "Final Rule: Certification of Disclosure in Companies' Quarterly and Annual Reports". Sec.gov. Retrieved August 27, 2010.
  40. ^ "SEC Final Rules 33–8238". Sec.gov. Retrieved August 27, 2010.
  41. ^ [1] kmblegal.com
  42. ^ "SEC-Press Release on 401(c) Report-June 15, 2005". Sec.gov. June 15, 2005. Retrieved August 27, 2010.
  43. ^ "Report and Recommendations Pursuant to Section 401(c) of the Sarbanes-Oxley Act of 2002 On Arrangements with Off-Balance Sheet Implications, Special Purpose Entities, and Transparency of Filings by Issuers" (PDF). Retrieved August 27, 2010.
  44. ^ "Policy Statement: Interagency Statement on Sound Practices Concerning Elevated Risk Complex Structured Finance Activities" (PDF). Retrieved August 27, 2010.
  45. ^ Koniak, Susan P.; Cohen, George M.; Dana, David A. & Ross, Thomas (April 3, 2010). "How Washington Abetted the Bank Job". New York Times.
  46. ^ "Sarbanes-Oxley Section 404 Places Disproportionate Burden on Smaller Public Companies" (PDF). October 24, 2008. Archived from the original (PDF) on October 24, 2008.
  47. ^ "Docket 021". pcaobus.org.
  48. ^ a b "SEC Interpretive Release: Commission Guidance Regarding Management's Report on Internal Control Over Financial Reporting Under Section 13(a) or 15(d) of the Securities Exchange Act of 1934" (PDF). Retrieved August 27, 2010.
  49. ^ "FEI Survey 2007". Fei.mediaroom.com. April 30, 2008. Archived from the original on November 6, 2013. Retrieved August 27, 2010.
  50. ^ "Corporate Governance: The CEO, CFO and CIO Guide to Sarbanes Oxley (SOX) Act Compliance Project Management Best Practices". The Executive Journal -International Institute of Management.
  51. ^ "Final Report: Advisory Committee on Smaller Public Companies" (PDF). Retrieved August 27, 2010.
  52. ^ "Dodd-Shelby Amendment". Dodd.senate.gov. April 25, 2007. Retrieved August 27, 2010.
  53. ^ Rezzy, Oleg (2007). "Sarbanes–Oxley: Progressive Punishment for Regressive Victimization". Houston Law Review. 44 (1): 95–129. SSRN 978834.
  54. ^ "SEC Press Release:Final Stage of Section 404 of Sarbanes–Oxley to Begin in June". Sec.gov. Retrieved August 27, 2010.
  55. ^ "Internal control over financial reporting in exchange act periodic reports of non-accelerated filers" (PDF). SEC.gov. Retrieved September 15, 2010.
  56. ^ a b c "18 U.S. Code § 1514A – Civil action to protect against retaliation in fraud cases". LII / Legal Information Institute.
  57. ^ 18 U.S.C. Sec. 1514A(b)(1)(A).
  58. ^ 49 U.S.C. Sec. 42121(b)(2)(B)(i).
  59. ^ "Office of Administrative Law Judges - U.S. Department of Labor". www.oalj.dol.gov.
  60. ^ "Sarbanes-Oxley Whistleblower Provision Should Not Be Applied Retroactively, ALJ Decides". Jackson Lewis. May 22, 2015.
  61. ^ Kelton, Erika. "Fallout from Supreme Court decision on whistleblower protection could hit corporations hard". Forbes.
  62. ^ a b "Report" (PDF). kmblegal.com. 2016. Retrieved November 27, 2019.
  63. ^ "Restoring Decades-Old Precedent, the DOL Blows the Whistle on Fordham's "Fundamental Error"". Littler Mendelson P.C. October 13, 2016.
  64. ^ "Tolling limitation" (PDF). www.whistleblowers.gov. 2017. Retrieved November 27, 2019.
  65. ^ "Opinion analysis: Coverage of SOX whistleblower protection is no longer Up in the Air". SCOTUSblog. March 5, 2014.
  66. ^ "New Front in Whistleblower Retaliation: Front Pay". September 19, 2016.
  67. ^ "Jury Gives Ex-UBS Analyst Nearly $1 million in Whistleblower Row" (PDF). December 21, 2017. Archived from the original (PDF) on November 26, 2020. Retrieved September 3, 2020.
  68. ^ "18 U.S. Code § 1350 - Failure of corporate officers to certify financial reports | U.S. Code | US Law | LII / Legal Information Institute". Law.cornell.edu. July 30, 2002. Retrieved November 27, 2019.
  69. ^ Stephen M. Kohn, Michael D. Kohn, and David K. Colapinto (2004). Whistleblower Law: A Guide to Legal Protections for Corporate Employees. Praeger Publishers. ISBN 0-275-98127-4
  70. ^ Morgenson, Gretchen (December 29, 2013). "Clawbacks? They're Still a Rare Breed". The New York Times.
  71. ^ Repeal Sarbanes-Oxley! Ron Paul, April 14, 2005
  72. ^ Piotroski, Joseph D.; Srinivasan, Suraj (May 2008). "Regulation and Bonding: The Sarbanes-Oxley Act and the Flow of International Listings" (PDF). Journal of Accounting Research. 46 (2): 383–425. doi:10.1111/j.1475-679X.2008.00279.x. S2CID 14523286.
  73. ^ Newt Gingrich; David W. Kralik (November 5, 2008). "Gingrich". Sfgate.com. Retrieved August 27, 2010.
  74. ^ America as Number Two, Wall St. Journal, January 4, 2012
  75. ^ "Greenspan praises SOX". Federalreserve.gov. May 15, 2005. Retrieved August 27, 2010.
  76. ^ Farrell, Greg (July 30, 2007). "SOX Law Has Been a Pretty Clean Sweep". USA Today. Retrieved August 27, 2010.
  77. ^ "FEI Survey". Fei.mediaroom.com. April 30, 2008. Archived from the original on July 14, 2011. Retrieved August 27, 2010.
  78. ^ "IIA Study". Theiia.org. Archived from the original on April 30, 2011. Retrieved August 27, 2010.
  79. ^ "Glass Lewis Survey of Restatements" (PDF). Archived from the original (PDF) on May 12, 2011. Retrieved August 27, 2010.
  80. ^ "Administrative Proceeding: Value Line, Inc., Value Line Securities, Inc., Jean Bernhard Buttner, and David Henigson" (PDF). Retrieved August 27, 2010.
  81. ^ "Publisher Value Line may take earnings hit from SEC inquiry". Marketwatch.com. Retrieved August 27, 2010.
  82. ^ Vidya, Sree (November 9, 2009). "Value Line Settlement Marks End of Buttner Reign". Bloomberg.com. Retrieved August 27, 2010.
  83. ^ Glater, Jonathan D. (August 2, 2008). "The S.E.C. Is Investigating Fee Practices at Value Line". The New York Times.
  84. ^ Keating, Gina (November 4, 2009). "Value Line, execs to pay $45 mln in SEC case". Reuters.com. Retrieved August 27, 2010.
  85. ^ "Whistleblower Protection Under The Sarbanes-Oxley Act" (PDF). New York Law Journal. June 26, 2003. Retrieved March 4, 2011.
  86. ^ "Complaint: Free Enterprise Fund, et al. v. The Public Company Accounting Oversight Board, et al. UNITED STATES DISTRICT COURT – Case 1:06CV00217" (PDF). The Wall Street Journal.
  87. ^ "Washington Post". Washington Post. July 20, 2008. Retrieved August 27, 2010.
  88. ^ "NPR-Supreme Court Considers Sarbanes-Oxley Board". Npr.org. December 7, 2009. Retrieved August 27, 2010.
  89. ^ "PCAOB Statement on Favorable Decision in Free Enterprise Fund v. PCAOB". pcaobus.org.
  90. ^ "NY Sun Editorial". Nysun.com. Retrieved August 27, 2010.
  91. ^ "Supreme Court weighs validity of anti-fraud law – Yahoo! Finance". December 13, 2009. Archived from the original on December 13, 2009.
  92. ^ "12_7_09 Oral Argument Transcript" (PDF). Supremecourtus.gov. Archived from the original (PDF) on December 21, 2009. Retrieved August 27, 2010.
  93. ^ Norris, Floyd; Liptak, Adam (June 28, 2010). "Supreme Court Upholds Accounting Board". The New York Times.
  94. ^ Rapp, Geoffrey (March 5, 2014). "Opinion analysis: Coverage of SOX whistleblower protection is no longer Up in the Air". SCOTUSblog. Retrieved June 24, 2014.
  95. ^ Supreme Court Fish Case: Alito Saves the Day, Kagan Cites Dr. Seuss. Retrieved 27 February 2015.
  96. ^ Howell, Joseph; Ray, Thomas (March 13, 2015). "In the Crosshairs: What the PCAOB's Inspection Results Mean for Your Company". Financial Executives International Daily. Financial Executives International. Retrieved October 29, 2016. Auditors have responded to the demands of the PCAOB and the SEC by turning up the pressure on their clients to improve documentation
  97. ^ "Analysis | What crime might Trump have committed on Jan. 6? Liz Cheney points to one". Washington Post. ISSN 0190-8286. Retrieved December 30, 2021.
  98. ^ "Feds using Enron-era law to seek longer sentences for leaders of the Jan. 6 MAGA mob: report". Raw Story. December 29, 2021. Retrieved December 30, 2021.
  99. ^ "Government Wins Key Ruling on Issue Affecting Hundreds of Capitol Riot Cases". Lawfare. December 14, 2021. Retrieved December 30, 2021.
  100. ^ "Italian law 262/2005". Gazzetta Ufficiale. Retrieved May 31, 2018.
  101. ^ "Capital Markets Board of Turkey Regulation Seri:X No:19". Resmi Gazete. Retrieved May 8, 2019.

External links[edit]